UK Companies Turning to Ex-Hackers to Plug Cyber Skills Gap

By   ISBuzz Team
Writer , Information Security Buzz | Jan 11, 2015 05:02 pm PST

Recent reports in the media have shown that more and more companies are turning to ex-hackers of IT systems to thwart the efforts of cyber criminals, and research by one of the world’s top four accountancy firms has also backed up the findings.

KPMG data

According to information compiled by KPMG, over half of all firms working in the UK are open to taking on former hackers in high-profile and high-paying information security jobs.

In a poll of 300 senior IT security management and HR workers, the talent deficit is seeing exclusive and profitable contracts offered to the type of people they are eager to prevent attacking them.

Free eBook: Modern Retail Security Risk – Get your copy now.

The results of the survey showed that 53% of UK companies would consider employing a hacker, with a similar number admitting to taking on someone with a cyber criminal record.

Just under 25% of respondents said they were currently experiencing cyber security issues.

About 70% of firms also admitted that they did not have the expertise or data controls in place to tackle the cyber challenges they are facing. Of those that did admit a lack in skills, most said it was because of the unique skills that IT risk jobs demand.

The survey also found that 57% of those responding reported an aggressive information security recruitment landscape.

Government action

The efforts of private UK companies are also being backed up by coordinated action from the Government. With a National Cyber Security Strategy in place at an initial cost of £860m, the Department for Business, Innovation and Skills (BIS) has said that making sure firms have the skills and experts in pace to combat cyber crime is ‘essential’.

A spokesperson for BIS said:

“We are working in partnership with industry and academia to improve cyber security skills at all levels, including developing guidance and training for businesses so they can deal with cyber threats to their information and services.”

In the summer, the minister for the Cabinet Office, the Rt. Hon. Francis Maude, announced the certification of six cyber security master’s degrees. Said to mark another important step in how knowledge, skills and capability are being developed in the UK, it showed how the national strategy is recognising the significant role education will play in the process.

Certified by the Government Communications Headquarters (GCHQ), the degrees were assessed in regards to their definition and appropriateness of content and quality. Four university degrees were given full certified status, with a further two given provisional certified status.

With a further round of certification approval, it is hoped that by achieving the degrees, those with an early interest in tackling cyber crime could land well paid information security contract jobs.

The four universities with full status are: Edinburgh Napier University, for its MSc in Advanced Security and Digital Forensics; Lancaster University, for its MSc in Cyber Security; the University of Oxford and its MSc in Software and Systems Security; and Royal Holloway, University of London, for its MSc in Information Security.

About Acumin
acuminAcumin is an international Information Security and Information Risk Management recruitment specialist. The company works with a variety of markets comprising of End Users, IT Security Vendors, Systems Integrators and Consultancies.

Acumin provides a range of specialist services which include contingency Permanent Recruitment, Contract Recruitment and retained Executive Search. For SMB and Enterprise End User clients, Acumin facilitates the development of internal Information Security and Risk Management teams across the UK, Europe and United States.